Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.

Neustar Second Annual DDoS 2012 SurveyDownload full survey: PDFLast year, Neustar reported on the DDoS landscape during 2011. This year, it surveyed IT pros on their experiences in 2012. Did the threat of DDoS grow or shrink? What were the costs of downtime? In total, were companies better prepared to protect their websites and their brands?

In comparing threats to readiness, the answers weren't encouraging:

DDoS attacks continue to grow in frequency and impact

While a handful of massive attacks dominated the headlines — especially in the banking industry, where many suspect the hand of unfriendly nation-states — most DDoS attacks are less than 100Mbps in size

As in 2011, over 1/3 of attacks lasted longer than 24 hours, extending downtime, customer complaints and mitigation costs

Connecting the dots: it doesn't take a mega-attack to cause lasting damage, merely well-planned strikes on poorly defended websites

While more companies are investing in some type of DDoS protection...

Most still rely on firewalls and other traditional solutions that get bottlenecked during attacks and accelerate outages

Most Frequent Ddos Victims – As in 2011, financial and ecommerce businesses were the most frequent DDoS victims. Last year, 32% of financial organizations reported being attacked. In 2012, the number increased to 44%. Starting in Q3 2012 and continuing to the present, banks in particular have suffered large, disruptive attacks, with specialized botnets such as "itsoknoproblembro" amplifying the destructive impact.(Source: Neustar 2012 DDoS Survey)The data reported here is from a wide-ranging survey, not from Neustar's network monitoring or DDoS mitigation efforts. The data reflects the realities faced by diverse IT professionals across numerous industries, among companies large and small. It shows the real challenge most companies face today: how to gauge the threat clearly and respond within their means.

Among the key findings from the survey, 35% of organizations experienced a disruptive DDoS attack in 2012. Of those surveyed, 39% of retailers and 41% of ecommerce businesses experienced an attack last year. Additionally, more than a quarter of respondents (26%) indicated a DDoS outage could cost between $50-100k per hour, further showcasing the need for a strategy around DDoS protection and mitigation.

Additional survey findings include:

Key sectors reported higher rates of attack: The number of retailers experiencing an attack increased by 144% from 2011 levels to reach an overall level of 39% in 2012; financial organizations experienced a 38% increase in attacks year-to-year with 44% of financial organizations being victimized in 2012.

Though more companies are deploying DDoS protection — only 8% had no protections in place compared to 25% in 2011 — few have invested in purpose-built hardware or third-party expertise.

The latter is alarming; while 66% of companies use firewalls, routers and switches for DDoS protection, these networking products create bottlenecks that actually aid attackers.

How long did DDos attacks last?

2012 Annual DDoS Attacks & Impact Infographic – To see how DDoS attacks affected businesses in 2012, Neustar surveyed over 700 IT pros. Comparing 2012 results with out 2011 survey, it's clear that many people are still hoping and wishing and praying they can solve a complex problem with old-school solutions. (Click to Enlarge Image)Tracking with last year’s results, survey found over a third of all DDoS attacks lasted more than 24 hours: 37% in 2012 versus 35% in 2011. Some attacks stretched out for several days or even longer — with 20% of attacks lasting between 3 days and 7+ days. The longest attacks, those lasting over a week, increased from 10% in 2011 to 13% in 2012.

According to Christian A. Christiansen, Chris Liebert and Charles J. Kolodgy of IDC Research, in a February 2013 report, entitled The Business Value of Hybrid Cloud-based Compromise Intelligence Monitoring and Threat Mitigation, "Given the complex nature of today's threats, enterprises can achieve a strategic advantage by employing a new layer of security that is services based. Cloud-based services are an important aspect of this approach to security and provide always-on monitoring without the added expense of buying and maintaining on-premise equipment."

Built on a dedicated, globally distributed Anycast network, SiteProtect can be instantly deployed and remains activated until the danger is gone. With SiteProtect handling the DDoS, your responses remain nimble and in sync with customer requests. Online business continues even as the attack unfolds.

For larger organizations, SiteProtect is an ideal complement to in-house mitigation hardware. As a cloud-based failover solution, SiteProtect provides the bandwidth to absorb malicious traffic and enables you to launch countermeasures in real time. Using a hybrid approach, you can leverage your investments in DDoS detection and alerting, avoid outages and minimize disruptions.

About Neustar – Every day, the world generates roughly 2.5 quadrillion bits of data. Neustar isolates certain elements and analyzes, simplifies and edits them to make precise and valuable decisions that drive results. Visit Page

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Cybercriminals recognize the value of DNS availability and look for ways to compromise DNS uptime and the DNS servers that support it. As such, DNS becomes an important point of security enforcement and a potential point in the Cyber Kill Chain for many cyber-attacks. more

Verisign has qualified for the Online Trust Alliance's (OTA) 2017 Honor Roll for showing a commitment to best practices in security, privacy and consumer protection. This is the fifth consecutive year that Verisign has received this honor. more

eco Internet Industry Association E.V., Europe's largest Association serving the interest of the Internet Industry with more than 1,000 members from more than 60 countries and the Internet Infrastructure Coalition (i2Coalition), a rapidly growing association with 100+ of the largest and most influential members in the Internet infrastructure industry, plan to intensify their longstanding co-operation. more

Verisign has just released Q4 2016 DDoS Trends Report providing a unique view into the attack trends unfolding online through observations and insights derived from distributed denial of service (DDoS) attack mitigations, enacted on behalf of Verisign DDoS Protection Services, and security research conducted by Verisign iDefense Intelligence Services. more

Verisign has released its Q3 2016 DDoS Trends Report providing a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services. more

The unexpected election of Donald Trump, along with continued Republican control of both houses of Congress will have a big impact on our US priorities. While the outlook remains unclear, we've prepared the memo below examining the initial impact the election may have on issues that matter to Internet infrastructure companies and organizations. more

We recently discussed governmental organizations that send out warnings rather than preventing spear phishing attacks through email authentication. Therefore it's good to see a pair of prominent governmental organizations giving clear guidance to their constituents about using DMARC to enforce authenticity of email on their domains. The British Government Digital Service announced in June an upcoming requirement that all services using subdomains of gov.uk would need to have a DMARC policy at enforcement. more

The company will use the funds to meet the rapidly expanding demand for its patent-pending authentication platform which brings visibility, control, compliance, and security to cloud-based email services. more

When it comes to something as important as DNS, the entity responsible for keeping your website online, some companies choose to play Russian roulette with their strategy by just using one DNS provider. more

Layer 7 attacks are some of the most difficult attacks to mitigate because they mimic normal user behavior and are harder to identify. Verisign's recent trends show that DDoS attacks are becoming more sophisticated and complex, including an increase in application layer attacks. more

At least 60% of brands will discover a breach of sensitive data. However, many organizations simply don't know what they don't know. Researchers at MIT discovered that a full 75 percent of breaches go undiscovered for weeks or months and 67 percent of breaches were aided by significant errors from employees of the victimized firm. more

The introduction of hundreds of new Top-Level Domains (TLDs) is an exciting time for consumers, businesses, and the Internet community as a whole. However, malicious actors seeking new channels to pursue their activities are also rubbing their hands together with the launch of these TLDs. more

Neustar this week published a research report, "DNSSEC: How Savvy DDoS Attackers Are Using Our Defenses Against Us," detailing how Domain Name System Security Extensions (DNSSEC) can be subverted as an amplifier in Distributed-Denial-of-Service (DDoS) attacks. more

Promoted Post

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.

Avenue4 LLCRead4635

A World-Renowned Source for Internet Developments. Serving Since 2002.